649 matches found
LiteSpeed Technologies OpenLiteSpeed Security Vulnerability
LiteSpeed Technologies OpenLiteSpeed is an open source web server from LiteSpeed Technologies. A security vulnerability in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows an attacker to gain access to the root terminal and execute commands on the host syst...
PT-2021-18072 · Synology · Synology Diskstation Manager
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM versions prior to 6.2.3-25426-3 Description: The issue is related to the improper neutralization of special elements used in an OS command in SYNO.Core.Network.PPPoE, allowing remote authenticated users to...
CVE-2020-10583
The /admin/admapi.php script of Invigo Automatic Device Management ADM through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the application...
Omrilotan async-git Parameter Injection Vulnerability
Omrilotan async-git is a Javascript-based code repository that supports interaction with git repositories by the individual developer Omrilotan. A parameter injection vulnerability exists in async-git. The vulnerability originates from allowing shell metacharacters to be injected into git command...
CVE-2020-26193
Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation vulnerability. A user with the ISIPRIVCLUSTER privilege may exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...
CVE-2021-1139
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory...
The vulnerability of the command-line interface of the Cisco Connected Mobile Experiences software allows an attacker to execute arbitrary commands with root privileges.
The vulnerability of the command-line interface of the Cisco Connected Mobile Experiences software relates to errors in privilege management. Exploiting this vulnerability allows an attacker to execute arbitrary commands with root privileges...
CVE-2020-9119
There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The attacker needs to physically contact the mobile phone and obtain higher privileges, and execute relevant commands, resulting in the user's privilege promotion...
Trend Micro InterScan Web Security Virtual Appliance Command Execution Vulnerability (CNVD-2020-73776)
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A command execution vulnerability exists in Trend Micro InterScan Web Security Virtual...
Trend Micro InterScan Web Security Virtual Appliance Authorization Issue Vulnerability
Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A command execution vulnerability exists in Trend Micro InterScan Web Security Virtual...
Command Execution Vulnerability in Kingsoft V8+ Terminal Security System
Kingsoft V8+ Terminal Security is a security software for enterprise-level users. A command execution vulnerability exists in Kingsoft V8+ Terminal Security System, which can be exploited by attackers to gain control of a server...
B&r Automation APROL Injection Vulnerability
B&r Automation APROL is a Linux-based process control system for industrial control applications from Australian company B&r Automation. An injection vulnerability exists in B&R Industrial Automation APROL versions prior to R4.2 V7.08, which stems from some web scripts in the web...
Command Execution Vulnerability in Huaxia ERP (CNVD-2020-70782)
Huaxia ERP, based on the SpringBoot framework, aspires to provide small and medium-sized enterprises with good open source ERP software, currently focusing on sales and inventory + financial functions. HUAXIA ERP has a command execution vulnerability. Attackers can use this vulnerability to...
Command Execution Vulnerability in TEMMOKUMVC of Pizhou Tianmu Network Technology Co.
TEMMOKUMVC is a professional PHP + MySQL product developed by Pizhou Tianmu Network Technology Co., Ltd., an open source MVC product that uses an independent MVC framework and is aimed at large, small and medium-sized enterprises. TEMMOKUMVC Pizhou Tianmu Network Technology Co., Ltd. command execution vulnerabilit...
Command Execution Vulnerability in the Backend of Wild Rain Novel CMS (CNVD-2020-68554)
Wild Rain Fiction Content Management System provides a lightweight fiction website solution based on ThinkPHP 5.1+MySQL. A command execution vulnerability exists in the Rain Novel CMS backend; attackers can use the vulnerability to obtain server privileges...
Command Execution Vulnerability in Scarecrow PHP System
Scarecrow PHP System is a simple and open source enterprise website program. Scarecrow PHP system has a command execution vulnerability that can be exploited by attackers to gain server control privileges...
Command Execution Vulnerability in Netnifty Power V6000-F2310 (CNVD-2020-69492)
Power V6000-F2310 is a Netnifty Firewall. A command execution vulnerability exists in the Netnifty Power V6000-F2310, which can be exploited by an attacker to gain control of a server...
Command Execution Vulnerability in Ocean CMS (CNVD-2020-69485)
Ocean CMS (seacms), the Ocean Video Management System, is a video-on-demand system designed for webmasters with different needs. A command execution vulnerability exists in the background of Ocean CMS. Attackers can use this vulnerability to write malicious code to execute system commands and obtain...
Exploit for OS Command Injection in Oracle Weblogic_Server
What is this? This is a PoC of CVE-2017-3506 Weblogic XMLD...
Command Execution Vulnerability in Curtains of Beijing KunDou Technology Co.
Curtain is a mind mapping software for computers. A command execution vulnerability exists in Beijing Kundu Technology Co Ltd Curtains. An attacker can exploit this vulnerability to gain server privileges...